13538 matches found
CA BrightStor ARCserve Backup Media Server SUN-RPC Procedure Code Execution - Ver2 (CVE-2007-1785)
Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...
Novell Client NetIdentity Agent Remote Pointer Dereference Code Execution - Ver2 (CVE-2009-1350)
The Novell NetIdentity agent works with eDirectory authentication to provide background authentication to Windows Web-based applications that require eDirectory authentication, such as iPrint, Novell Portal Services, eGuide, Novell NetIdentity, ZENworks, NetStorage, and iManager. NetIdentity...
Cisco Prime Data Center Network Manager processImageSave.jsp Arbitrary File Upload (CVE-2013-5486)
An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager...
Adobe Acrobat and Reader Memory Corruption (APSB14-28: CVE-2014-8445)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader parses a malformed PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Memory Corruption (APSB13-22: CVE-2013-3352)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Suspicious Javascript Containing Overly Long Strings (CVE-2013-2551)
Javascript may contain variables assigned with overly long strings. This behavior may indicate an exploitation attempt...
ABB MicroSCADA Wserver Multiple Buffer Overflows
Multiple Buffer Overflow vulnerabilities have been reported in the Wserver component of ABB MicroSCADA. The vulnerabilities are due to the copying of user controlled data to stack-based buffers without size verification. A remote attacker can exploit this issue by sending a specially crafted...
Cisco Prime Data Center Network Manager FileUploadServlet Arbitrary File Upload (CVE-2013-5486; CVE-2019-1620)
An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadServlet when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...
Adobe Flash Player Memory Corruption (APSB13-28: CVE-2013-5332)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
Microsoft IIS Short Filename Information Disclosure
An information disclosure vulnerability has been reported in Microsoft IIS. The vulnerability is due to an error in the way Microsoft IIS handles specially crafted URLs. A remote attacker can leverage this vulnerability to view undisclosed information stored on the server...
Apache Solr SolrResourceLoader Directory Traversal (CVE-2013-6397)
A directory traversal vulnerability has been reported in Apache Solr. The vulnerability is due to insufficient validation of the resource paths passed to certain Solr REST services. A remote attacker can exploit this vulnerability by sending a specially crafted request to Apache Solr. Successful...
Adobe Flash Player Memory Corruption (APSB13-26: CVE-2013-5329)
A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...
JavaScript Malicious Obfuscation Techniques
Known exploits could potentially bypass security products by using JavaScript obfuscation techniques. Since the exploits are obfuscated they may not be detected by IDS and IPS systems, thus allowing attackers to successfully attack target machines...
GLPI install.php Remote Command Execution (CVE-2013-5696)
A command execution vulnerability has been reported in GLPI...
Oracle Outside In Microsoft Access 1.x Parser Buffer Overflow (CVE-2013-5791)
A stack buffer overflow vulnerability exists in Oracle Outside-In, a set of libraries used to decode many file formats. The vulnerability is due to an error while processing Microsoft Access 1.x database files .mdb. This vulnerability can be exploited by causing an application that uses the...
PHP OpenSSL Extension X.509 Certificate Memory Corruption (CVE-2013-6420)
A code execution vulnerability has been reported in PHP. The vulnerability is due to a memory corruption error when handling a malicious ASN.1 data type for a timestamp in an X.509 certificate. A remote attacker can exploit this flaw by sending a malicious certificate...
WellinTech KingView ActiveX Control Heap Buffer Overflow Remote Code Execution (CVE-2011-3142)
A stack-based buffer overflow vulnerability has been reported in WellinTech KingView ActiveX control. The vulnerability is due to failure to perform adequate boundary checks on user-supplied input. A remote attacker can exploit this vulnerability by sending via a long second argument to the...
Vtiger CRM Authenticated Remote Code Execution
A remote code execution vulnerability has been reported in VTiger CRM...
OpenLDAP rwm Overlay Denial of Service (CVE-2013-4449)
A denial of service vulnerability has been reported in OpenLDAP...
Zabbix Multiple SQL Injections Information Disclosure
An SQL Injection vulnerability has been reported in Zabbix...
GIMP XWD File Handling Heap Buffer Overflow (CVE-2013-1978)
A heap buffer overflow vulnerability leading to code execution has been reported in GNU Image Manipulation Program GIMP. The vulnerability is due to insufficient validation of certain fields while parsing XWD files. Remote attackers can exploit this vulnerability by enticing the target user to op...
IBM Platform Symphony SOAP Requests Processing Buffer Overflow (CVE-2013-5387)
A buffer overflow vulnerability has been reported in IBM Platform Symphony...
Microsoft Access Memory Corruption (MS13-074; CVE-2013-3155)
A remote code execution vulnerability exists in Microsoft Access...
Sybase Multiple Products Directory Traversal (CVE-2011-2474)
A directory traversal vulnerability has been reported in multiple Sybase products...
Microsoft Internet Explorer runtimeStyle Handling Memory Corruption (MS13-080; CVE-2013-3882)
A memory corruption vulnerability exists in Microsoft Internet Explorer...
HP SiteScope issueSiebelCmd SOAP Request Code Execution (CVE-2013-4835)
A command execution vulnerability has been found in HP SiteScope...
Adobe Acrobat and Reader ToolButton Use After Free (APSB13-15; CVE-2013-3346)
A use after free vulnerability exists in Adobe Acrobat and Reader...
HP Intelligent Management Center SOM euAccountSerivce Authentication Bypass (CVE-2013-4824)
An authentication bypass vulnerability exists in the SOM add-in module of HP Intelligent Management Center...
Kingsoft Writer Font Names Buffer Overflow (CVE-2013-3934)
A code execution vulnerability has been reported in Kingsoft Writer. The vulnerability is due to an error while handling font names in WPS or Office word files. A remote attacker can exploit this vulnerability by enticing an unsuspecting user to download and process a malicious file with a...
Linux Kernel UDP UFO Large Packet Denial of Service (CVE-2013-4563)
A denial of service vulnerability exists in Linux Kernel with UDP Fragmentation Offload UFO enabled...
Microsoft Access ACCDB File Memory Corruption (MS13-074; CVE-2013-3157)
A memory corruption vulnerability has been reported in Microsoft Access...
Nodejs js-yaml load() Code Execution (CVE-2013-4660)
A JavaScript Code Execution vulnerability has been reported in Nodejs...
AdaptWeb Web Application SCADA SQL Injection (CVE-2009-2152)
An SQL Injection vulnerability has been reported in AdaptWeb 0.9.2. The vulnerability is due to improper validation of the CodigoDisciplina parameter passed to the application. A remote unauthenticated attacker could exploit this vulnerability by sending a request with a crafted CodigoDisciplina...
ABB MicroSCADA Wserver Command Execution
A command execution vulnerability has been reported in ABB MicroSCADA. The vulnerability is due to insufficient user authentication by the wserver.exe program when accepting remote execution calls. A remote, unauthenticated attacker can exploit this vulnerability to execute arbitrary commands on...
ANSSI Improperly Issued Digital Certificates HTTPS Spoofing
Several improperly issued CA certificates could be used in HTTPS spoofing attacks...
Microsoft Windows X.509 Certificate Validation Denial of Service (MS13-095; CVE-2013-3869)
A denial of service vulnerability exists in Microsoft Windows. The flaw is due to improper handling of specially crafted X.509 certificates during certificate validation. Successful exploitation could cause a denial of service condition where the web service becomes unresponsive.A remote attacker...
ManageEngine DesktopCentral AgentLogUpload Arbitrary File Upload
A code execution vulnerability has been reported in ManageEngine DesktopCentral. The vulnerability is due to lack of authentication and insufficient input validation in the AgentLogUploadServlet.class when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...
Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
A command execution vulnerability exists in Apache Roller due to a lack of sanitization on OGNL expressions passed to certain methods. This can lead to OGNL injection which can result in remote code execution. A remote unauthenticated attacker could exploit this vulnerability by sending crafted...
Multiple OS Malicious Payload Remote Code Execution
A remote code execution vulnerability has been reported in multiple operating systems. A remote attacker can exploit this vulnerability by delivering malicious payload to the target machine. Successful exploitation would allow an attacker to execute code on the target...
Malicious Payload Encoding Remote Code Execution
Malicious payload can be encoded to circumvent security software. Successful exploitation could allow attackers to execute arbitrary code on the target...
PDF Containing Suspicious OpenAction
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader when handling PDF files that contain plain JavaScript. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file...
Trimble Navigation SketchUp BMP File Code Execution (CVE-2013-3663)
A remote code execution vulnerability has been reported in Trimble Navigation's SketchUp...
PDF Containing Suspicious JavaScript Code
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader when handling PDF files that contain plain JavaScript. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file...
Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5049)
A remote code execution vulnerability has been reported in Internet Explorer...
Microsoft Windows WinVerifyTrust Signature Validation Code Execution (MS13-098; CVE-2013-3900)
A remote code execution vulnerability has been reported in Microsoft Windows...
Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5052)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Preemptive Protection against Nginx Request URI Verification Security Bypass (CVE-2013-4547)
A security bypass vulnerability has been reported in Nginx...
Microsoft Scripting Runtime Object Library Use-After-Free Code Execution (MS13-099; CVE-2013-5056)
A remote code execution vulnerability has been reported in the Microsoft Scripting Runtime Object Library...
Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5051)
A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...
Microsoft Windows Win32 Shellcode Remote Code Execution
A remote code execution vulnerability has been reported in Microsoft Windows...